In order to use the Conversation API, either directly or via Client SDKs, a User must be:
- Created by the Conversation API
- Have a valid JWT, provided by your backend. If you are using Client SDK, you User will need to log in to the SDK with the JWT.
The steps in authentication flow are:
- A User requests to log in to your client-side application
- Your backend generates a JWT user token
- Your backend sends the JWT to your client-side application
- Your client-side application can make authenticated requests to the the Conversation API, with the provided JWT
This authentication flow is illustrated in the following diagram:
These steps are described in more detail below.
A User requests to log in to the SDK. Your client-side app makes a request to your backend to authenticate the user. In that request your client app sends any credentials that your backend requires for your own authentication system.
Your backend performs authentication. If your own authentication process is successful, you send a request to the Conversation API to authenticate the User.
The Conversation API generates a JWT. If the user is valid your backend calls the Conversation API to generate a JWT for the user. To generate a JWT you need:
a. Your Nexmo application's private key. For security reasons, this should be generated and always securely stored on your backend application and not on the client.
b. A username that matches the username of the Nexmo User you’ve created with Conversation API.
c. Nexmo Application ID for the application that contains the User you generated the JWT for.
d. An Access Control List (ACL) that defines the user permissions. These permissions define the API endpoints is the user allowed to access.
Your backend sends the JWT to your client-side application.
Your client-side application can make authenticated requests to the Conversation API, with the provided JWT. If you use the Nexmo Client SDK, your User should log in to the SDK with the JWT. As long as you are logged in, the authentication will be handled for you by the SDK.
You are now ready to start creating a rich communication experience for your users.
For further information see the following documentation: